Limiting access to a computer, computer network or computer system is often a high priority. Several systems have been developed which limit access by using passwords separately or in combination with a username, biometrics and/or responses to queries posed to a user desiring computer access.
Increasingly, users seeking access to a computer system or network often do so using public computers, such as computers not controlled by the owner of a computer network or computer system to which a user wishes access. Such computers include computers at hotels, libraries, individual homes and schools, just to name a few. In addition, often a user accesses a computer network by using a public entry point, such as a public Wi-Fi hot spot, home computer network, an Internet Service Provider (“ISP”), wireless broadband carrier, or other wireless or hardwired router other than that of the computer system which the user ultimately wishes to gain access.
One security issue which arises with a user accessing a computer network using a public computer or entry point is that the public computer or entry point is not necessarily secure, i.e. one can either intercept a transmission as a user gains access to the computer network, or the public computer or public access point may retain authentication data of the user as he or she authenticates access to the computer network. One potential security issue is that unauthorized access may be obtained by using data which is intercepted as the authorized user accesses the computer network or by using authentication information which has previously been stored on the computer or intermediate router or server as the authorized user gains access to the computer network.
An additional security issue arises from spyware which can record conventional username and password entries as an authorized user accesses a computer network. For example, spyware can track and store keystrokes as an authorized user uses a non-secure computer and then relays the recorded information to allow unauthorized access to the computer network. Yet another security issue arises when an unauthorized person or camera observes an authorized user's entry of a username and password while in public.
Several recent additional methods for authentication include displaying images randomly on a computer screen from which a user must select a correct image before being allowing access to the computer network. For example, U.S. Patent Application Publication Nos. 2011/0202982 and 2007/0277224 both describe respective methods for authenticating a user who correctly identifies a random image displayed on a computer screen. However, these methods still have some of the same disadvantages as other prior authentication methods in terms of being susceptible to spyware and/or data interception.
In addition to accurately authenticating a user's access to a computer system, it is also beneficial to give feedback to a user that he or she is attempting to access the correct network. For example, prior to a user divulging personal information, a user would be provided indicia that the computer network, in fact, is the network to which the user wishes to gain access. Several methods include displaying a previously selected image to a user upon access into the network. A user, seeing the previously selected image, would know that he or she is, in fact, accessing the correct network. Conversely, if the user is not shown the previously selected image or is shown an incorrect image, the user would not that he or she has not accessed the correct computer network.